US11494763B2ActiveUtilityA1

Cryptoasset custodial system with custom logic

74
Assignee: ANCHOR LABS INCPriority: Aug 19, 2019Filed: Sep 12, 2019Granted: Nov 8, 2022
Est. expiryAug 19, 2039(~13.1 yrs left)· nominal 20-yr term from priority
H04L 9/50G06Q 20/3825G06F 21/64H04L 9/3255G06Q 20/3672G06Q 20/3829H04L 2209/56G06Q 20/38215H04L 9/0897G06Q 20/3674G06Q 20/065G06F 21/32G06F 21/6218H04L 9/0637G06Q 20/02H04L 9/0825H04L 9/3239H04L 9/3234H04L 63/0428H04L 9/3247
74
PatentIndex Score
2
Cited by
75
References
20
Claims

Abstract

Methods and systems including: receiving a request to take an action in a cryptoasset custodial system for an account holder; authenticating a policy map associated with the action, wherein the policy map defines access control rules governing which actions are allowed under conditions including a threshold number of endorsements needed; and validating endorsement messages for the action by checking digital signatures of the received endorsement messages, wherein at least one of the validated endorsement messages has been generated by digital signing with a first private key of a person, who is associated with the account holder, and at least one of the validated endorsement messages has been generated by digital signing with a second private key of a program, which is associated with the account holder, responsive to the program confirming one or more circumstances specified by the account holder are met at a time when the program is run.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A method comprising:
 receiving, by a hardware security module, a request to take an action in a cryptoasset custodial system for an account holder registered with the cryptoasset custodial system, wherein the hardware security module comprises at least one secure storage device and at least one physical computing device coupled with the at least one secure storage device; 
 authenticating, by the hardware security module, a policy map associated with the action, wherein the policy map defines access control rules governing which actions are allowed under one or more specified conditions including a threshold number of endorsements needed to approve the action; 
 validating, by the hardware security module, at least two endorsement messages received for the action by checking digital signatures of the at least two received endorsement messages, the at least two endorsement messages including a first endorsement message and a second endorsement message, wherein 
 the first endorsement message has been generated by digital signing with a private key of a person, who is associated with the account holder, responsive to input from the person using a computing device that securely stores the private key of the person, and 
 the second endorsement message has been generated by digital signing with a private key of a program, which is associated with the account holder, responsive to the program confirming one or more circumstances specified by the account holder are met; 
 confirming, by the hardware security module, that validated endorsement messages including the at least two validated endorsement messages satisfy the threshold number of endorsements needed to approve the action in accordance with the authenticated policy map; 
 authorizing, by the hardware security module, the action for the registered account holder by digitally signing data associated with the request by using a private key associated with the action, wherein the private key associated with the action i) is stored only within the at least one secure storage device of the hardware security module, ii) has been decrypted, by the hardware security module, from an encrypted version of the private key associated with the action using a hardware-based cryptographic key used by the hardware security module, and iii) is inaccessible to devices external to the hardware security module; and 
 sending, by the hardware security module, the digitally signed data to another computer to effect the action. 
 
     
     
       2. The method of  claim 1 , wherein the cryptoasset custodial system comprises a relay computer communicatively coupled with the hardware security module to isolate the hardware security module from a network outside the cryptoasset custodial system. 
     
     
       3. The method of  claim 2 , wherein the action comprises a cryptoasset transaction for a specified cryptoasset. 
     
     
       4. The method of  claim 3 , wherein authorizing, by the hardware security module, the action by digitally signing data associated with the request by using the private key associated with the action comprises using the cryptoasset private key stored in the hardware security module to authorize withdrawal of a withdrawal amount of the specified cryptoasset. 
     
     
       5. The method of  claim 4 , wherein the cryptoasset transaction comprises a specified destination for the withdrawal amount and wherein the method further comprises:
 validating that the withdrawal amount is less than a threshold and authorizing the cryptoasset transaction only when the specified destination is a trusted destination. 
 
     
     
       6. The method of  claim 5 , wherein the program comprises custom logic and wherein the method further comprises:
 receiving a request to add custom logic for an account holder; 
 determining if a quorum of authorized users for the account holder approve addition of the custom logic; 
 approving the custom logic at a risk analysis system of the cryptoasset custodial system; and 
 adding a custom logic key to an approval process for the account holder when the quorum approves addition of the custom logic for the account holder and when the risk analysis system approves the custom logic for the account holder. 
 
     
     
       7. The method of  claim 1 , wherein the second endorsement message being generated by digital signing with the private key of the program responsive to the program confirming one or more circumstances specified by the account holder are met comprises confirming one or more circumstances specified by the account holder are met at a time when the program is run. 
     
     
       8. A method comprising:
 receiving, by a hardware security module, a request to take an action in a cryptoasset custodial system for an account holder registered with the cryptoasset custodial system; 
 authenticating, by the hardware security module, a policy map associated with the action, wherein the policy map defines access control rules governing which actions are allowed under one or more specified conditions including a threshold number of endorsements needed to approve the action; 
 validating, by the hardware security module, at least two endorsement messages received for the action by checking digital signatures of the at least two received endorsement messages, the at least two endorsement messages including a first endorsement message and a second endorsement message, wherein 
 the first endorsement message has been generated by digital signing with a private key of a person, who is associated with the account holder, responsive to input from the person using a computing device that securely stores the private key of the person, and 
 the second endorsement message has been generated by digital signing with a private key of a program, which is associated with the account holder, responsive to the program confirming one or more circumstances specified by the account holder are met; 
 confirming, by the hardware security module, that validated endorsement messages including the at least two validated endorsement messages satisfy the threshold number of endorsements needed to approve the action in accordance with the authenticated policy map; 
 authorizing, by the hardware security module, the action for the registered account holder by digitally signing data associated with the request by using a private key associated with the action, wherein the private key associated with the action is i) stored only within at least one secure storage device of the hardware security module, and ii) inaccessible to devices external to the hardware security module; and 
 sending, by the hardware security module, the digitally signed data to another computer to effect the action. 
 
     
     
       9. A system comprising:
 one or more hardware security modules, each of the one or more hardware security modules comprising at least one secure storage device and at least one physical computing device coupled with the at least one secure storage device and configured to provide cryptographic processing to manage private keys of asymmetric cryptographic key pairs usable to control ownership of cryptoassets in at least one blockchain; and 
 one or more server computers communicatively coupled with the one or more hardware security modules to access the cryptographic processing performed by the at least one physical computing device using the private keys; 
 wherein the at least one physical computing device of each of the one or more hardware security modules is configured to:
 receive a request to take an action in a cryptoasset custodial system for an account holder registered with the cryptoasset custodial system; 
 authenticate a policy map associated with the action, wherein the policy map defines access control rules governing which actions are allowed under one or more specified conditions including a threshold number of endorsements needed to approve the action; 
 validate at least two endorsement messages received for the action by checking digital signatures of the at least two received endorsement messages, the at least two endorsement messages including a first endorsement message and a second endorsement message, wherein
 the first endorsement message has been generated by digital signing with a private key of a person, who is associated with the account holder, responsive to input from the person using a computing device that securely stores the private key of the person, and 
 the second endorsement message has been generated by digital signing with a private key of a program, which is associated with the account holder, responsive to the program confirming one or more circumstances specified by the account holder are met at a time when the program is run; 
 
 confirm that validated endorsement messages including the at least two validated endorsement messages satisfy the threshold number of endorsements needed to approve the action in accordance with the authenticated policy map; 
 authorize the action for the registered account holder by digitally signing data associated with the request using a private key associated with the action, wherein the private key associated with the action is i) stored only within the one or more hardware security modules, and ii) inaccessible to devices external to the one or more hardware security modules; and 
 send the digitally signed data to another computer to effect the action. 
 
 
     
     
       10. The system of  claim 9 , wherein the cryptoasset custodial system comprises a relay computer communicatively coupled with the hardware security module to isolate the hardware security module from a network outside the cryptoasset custodial system. 
     
     
       11. The system of  claim 9 , wherein the action comprises a cryptoasset transaction for a specified cryptoasset. 
     
     
       12. The system of  claim 11 , wherein authorizing the action by digitally signing data associated with the request using the private key associated with the action comprises using the private key stored in the hardware security module to authorize withdrawal of a withdrawal amount of the specified cryptoasset, and wherein the private key has been decrypted, by the hardware security module, from an encrypted version of the private key using a hardware-based cryptographic key stored on the hardware security module. 
     
     
       13. The system of  claim 12 , wherein the cryptoasset transaction comprises a specified destination for the withdrawal amount and wherein the system further comprises:
 validating that the withdrawal amount is less than a threshold and authorizing the cryptoasset transaction only when the specified destination is a trusted destination. 
 
     
     
       14. The system of  claim 12 , wherein the program comprises custom logic and wherein the at least one physical computing device of each of the one or more hardware security modules is configured to:
 receive a request to add custom logic for an account holder; 
 determine if a quorum of authorized users for the account holder approve the addition of the custom logic; 
 approve the custom logic at a risk analysis system of the cryptoasset custodial system; and 
 add a custom logic key to an approval process for the account holder when the quorum approves addition of the custom logic for the account holder and when the risk analysis system approves the custom logic for the account holder. 
 
     
     
       15. The system of  claim 9 , wherein the second endorsement message being generated by digital signing with the private key of the program responsive to the program confirming one or more circumstances specified by the account holder are met comprises confirming one or more circumstances specified by the account holder are met at a time when the program is run. 
     
     
       16. A computer-readable medium encoding a computer program operable to cause a hardware security module, comprising at least one secure storage device and at least one physical computing device coupled with the at least one secure storage device, to perform operations comprising:
 receiving a request to take an action in a cryptoasset custodial system for an account holder registered with the cryptoasset custodial system; 
 authenticating a policy map associated with the action, wherein the policy map defines access control rules governing which actions are allowed under one or more specified conditions including a threshold number of endorsements needed to approve the action; 
 validating at least two endorsement messages received for the action by checking digital signatures of the at least two received endorsement messages, the at least two endorsement messages including a first endorsement message and a second endorsement message, wherein
 the first endorsement message has been generated by digital signing with a private key of a person, who is associated with the account holder, responsive to input from the person using a computing device that securely stores the private key of the person, and 
 the second endorsement message has been generated by digital signing with a private key of a program, which is associated with the account holder, responsive to the program confirming one or more circumstances specified by the account holder are met at a time when the program is run; 
 
 confirming that validated endorsement messages including the at least two validated endorsement messages satisfy the threshold number of endorsements needed to approve the action in accordance with the authenticated policy map; 
 authorizing the action for the registered account holder by digitally signing data associated with the request using a private key associated with the action, wherein the private key associated with the action is i) stored only within the at least one secure storage device of the hardware security module, and ii) inaccessible to devices external to the hardware security module; and 
 sending the digitally signed data to another computer to effect the action. 
 
     
     
       17. The computer readable medium of  claim 16 , wherein the cryptoasset custodial system comprises a relay computer communicatively coupled with the hardware security module to isolate the hardware security module from a network outside the cryptoasset custodial system. 
     
     
       18. The computer readable medium of  claim 17 , wherein the action comprises a cryptoasset transaction for a specified cryptoasset. 
     
     
       19. The computer readable medium of  claim 18 , wherein authorizing the action by digitally signing data associated with the request by using the private key associated with the action comprises using the private key stored in the hardware security module to authorize withdrawal of a withdrawal amount of the specified cryptoasset and wherein the private key has been decrypted, by the hardware security module, from an encrypted version of the private key using a hardware-based cryptographic key stored on the hardware security module. 
     
     
       20. The computer readable medium of  claim 19 , wherein the cryptoasset transaction comprises a specified destination for the withdrawal amount and wherein the operations further comprise:
 validating that the withdrawal amount is less than a threshold and authorizing the cryptoasset transaction only when the specified destination is a trusted destination.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.